Public key infrastructure (PKI) is a specification of hardware, software, and user activities for authenticating a user, machine, or other object. A certificate authority issues a certificate to a user, and a validation authority authenticates the user's certificate. PKI is an extensible standard, and the PKI certificate definition provides for a number of fields, including several expansion or user-definable fields.
Security assertion markup language (SAML) is an extensible markup language (XML)-based authentication standard in which SAML assertions can include authentication statements, attribute statements, and authorization decision statements. Authentication statements assert that a user authenticated with an identity provider at a particular time is using a particular authentication method. “Authentication context” may also be provided, including additional information about the authenticated user.